<?php

/**
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 * http://www.gnu.org/copyleft/gpl.html
 */
 


/**
 *  @file
 *  @Author Samuel Maura
 *  user management
 */


require_once("".$_SERVER['DOCUMENT_ROOT']."/xenix/models/dbQuery.inc");
require_once("".$_SERVER['DOCUMENT_ROOT']."/xenix/models/encrypt.php");


class User extends DBQuery {

  protected $user_table;
  protected $connection;
  private $username;
  private $email;
  private $user_id;
  private $passwordHash; 
 
  
  
  public function __construct(){
    $this->connection = dbManager::connect();  
  }

// Create new user
function add($row_data){
  $encrypt = new EncryptString();
  $this->user_table = array();
  $this->user_table['id'] = $row_data['id'];
  $this->user_table['username'] = $row_data['username'];
  $this->user_table['email'] = $row_data['email'];
  $this->user_table['password'] = $encrypt->generateEncryptedString($row_data['password']);
  //$this->user_table['access'] = $row_data['access'];
  
  $query = "INSERT INTO users (id,username,email,password) values 
    (".$this->user_table['id'].",'".$this->user_table['username']."','".$this->user_table['email']."',
    '".$this->user_table['password']."')";
   $this->queryString($query);
   
  }
  
  
function getUserName(){
  return $this->username;
}  

function getEmail($user_id = null){
  if ($user_id === null){ 
    return $this->email;
  }
  else{
    $query = "SELECT email FROM users WHERE id <=> '".$user_id."'";
    $this->queryString($query);
    $result = $this->getRowSet();
    $this->email = $result[0]['email'];
    return $this->email;
  }
}  


function getUserId(){
  return $this->user_id;
}

function getPasswordHash($email){
  $query = "SELECT email,password FROM users WHERE email <=> '".$email."'";
  $this->queryString($query);
  if ($this->rowCount() == 1){
     $result = $this->getRowSet();
     $this->email = $result[0]['email'];
     return $result[0]['password'];
  }
  else{
    return false;
  }
  
}

function confirmCredentials($username,$password){
  $query = "SELECT id, email, username, password FROM users WHERE username = '".$username."'"; 
  $this->queryString($query);
  
  if ($this->rowCount() == 1){
    $result = $this->getRowSet();
    $encryptedPassword = $result[0]['password'] ;
    $encrypt = new EncryptString();
    $salt = $encrypt->getSaltFromEncryptedString($encryptedPassword);
    if ($encryptedPassword == $encrypt->generateEncryptedString($password,$salt)){
      $this->username = $result[0]['username'];
      $this->email = $result[0]['email'];
      $this->user_id = $result[0]['id'];
      // login date
      $query = "update users set login = '".date('Y-m-d H:i:s')."' WHERE username = '".$username."'"; 
      $this->queryString($query);
      return TRUE;
    }
    else{
      return FALSE;
    }
    
  }
  else{
    return FALSE;
  }
  
}



function userExist($username){
  $query = "SELECT count(username) as username_count from users where username <=> '".$username."' ";
   $this->queryString($query);
  $result = $this->getRowSet();
  
  if ( intval($result[0]['username_count']) > 0 ){
    return TRUE;
  }
  else {
    return FALSE;
  }
}

function emailExist($email){
  $query = "SELECT count(email) as email_count from users where email <=> '".$email."' ";
  $this->queryString($query);
  $result = $this->getRowSet();
  
  if ( intval($result[0]['email_count']) > 0 ){
    return TRUE;
  }
  else {
    return FALSE;
  }
  
}



  function updateEmail($user_id,$email){
    if ($this->emailExist($email)){
      return false;
    }
    else{
      $query = "update users set email ='".$email."' where id ='".$user_id."'  ";
      $this->queryString($query);
      return true;
    }
  }
  
  
  
  function updatePassword($user_id,$old_password,$new_password){
     $query = "SELECT password FROM users WHERE id = '".$user_id."'"; 
     $this->queryString($query);
  
    if ($this->rowCount() == 1){
      $result = $this->getRowSet();
      $encryptedPassword = $result[0]['password'] ;
      $encrypt = new EncryptString();
      $salt = $encrypt->getSaltFromEncryptedString($encryptedPassword);
      
      // Validate old password    
      if ($encryptedPassword == $encrypt->generateEncryptedString($old_password,$salt)){
        $this->passwordHash = $encrypt->generateEncryptedString($new_password); 
        $query = "update users set password ='".$this->passwordHash."' where id ='".$user_id."'  ";
        $this->queryString($query);
        return true;
      }
      else{
        return false; // old password invalid
      }
    }
    else{
      return false;
    }
    
  }
  
  
 function userCount(){
   $query = "SELECT COUNT(*) as total FROM users";
   $this->queryString($query);
   $rows = $this->getRowSet();
   if ($rows != NULL){
     foreach($rows as $index){
       foreach($index as $field => $content ){
         echo nl2br("{$field} users:\n  {$content} \n");
       } 
     }  
   }
   else{
     return 0;
   }
 }
 
 
}

?>